266 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-28277
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Heap-based Buffer Overflow vulnerabilty exists in jhead 3.04 and 3.05 is affected by: Buffer Overflow via the RemoveUnknownSections function in jpgfile.c...
Linux Distros Unpatched Vulnerability : CVE-2019-7175
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In ImageMagick before 7.0.8-25, some memory leaks exist in DecodeImage in coders/pcd.c. CVE-2019-7175 Note that Nessus relies on the presence of the package as...
Linux Distros Unpatched Vulnerability : CVE-2015-9019
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In libxslt 1.1.29 and earlier, the EXSLT math.random function was not initialized with a random seed during startup, which could cause usage of this function to...
Linux Distros Unpatched Vulnerability : CVE-2019-14492
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in OpenCV before 3.4.7 and 4.x before 4.1.1. There is an out of bounds read/write in the function HaarEvaluator::OptFeature::calc in...
Linux Distros Unpatched Vulnerability : CVE-2014-9462
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The validaterepo function in sshpeer in Mercurial before 3.2.4 allows remote attackers to execute arbitrary commands via a crafted repository name in a clone...
Linux Distros Unpatched Vulnerability : CVE-2016-9932
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - CMPXCHG8B emulation in Xen 3.3.x through 4.7.x on x86 systems allows local HVM guest OS users to obtain sensitive information from host stack memory via a...
Linux Distros Unpatched Vulnerability : CVE-2019-9741
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in net/http in Go 1.11.5. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the second argument to...
Linux Distros Unpatched Vulnerability : CVE-2017-9155
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service invalid read and SEGV, related to the inputpnmreader function in...
Linux Distros Unpatched Vulnerability : CVE-2017-17812
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Netwide Assembler NASM 2.14rc0, there is a heap-based buffer over-read in the function detoken in asm/preproc.c that will cause a remote denial of service...
Linux Distros Unpatched Vulnerability : CVE-2019-12481
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in GPAC 0.7.1. There is a NULL pointer dereference in the function GetESD at isomedia/track.c in libgpac.a, as demonstrated by MP4Box...
Linux Distros Unpatched Vulnerability : CVE-2017-15286
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SQLite 3.20.1 has a NULL pointer dereference in tableColumnList in shell.c because it fails to consider certain cases where sqlite3steppStmt==SQLITEROW is false...
Linux Distros Unpatched Vulnerability : CVE-2019-11023
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The agroot function in cgraph\obj.c in libcgraph.a in Graphviz 2.39.20160612.1140 has a NULL pointer dereference, as demonstrated by graphml2gv. CVE-2019-11023...
Linux Distros Unpatched Vulnerability : CVE-2014-3521
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The component in 1 /luci/homebase and 2 /luci/cluster menu in Red Hat Conga 0.12.2 allows remote authenticated users to bypass intended access restrictions via ...
Linux Distros Unpatched Vulnerability : CVE-2016-5038
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The dwarfgetmacrostartendfile function in dwarfmacro5.c in libdwarf before 20160923 allows remote attackers to cause a denial of service out-of-bounds read via ...
Linux Distros Unpatched Vulnerability : CVE-2019-14665
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Brandy 1.20.1 has a heap-based buffer overflow in definearray in variables.c via crafted BASIC source code. CVE-2019-14665 Note that Nessus relies on the presen...
Linux Distros Unpatched Vulnerability : CVE-2017-14139
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteMSLImage in coders/msl.c. CVE-2017-14139 Note that Nessus relies on the presence of the package as...
Linux Distros Unpatched Vulnerability : CVE-2017-0901
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RubyGems version 2.6.12 and earlier fails to validate specification names, allowing a maliciously crafted gem to potentially overwrite any file on the filesyste...
Linux Distros Unpatched Vulnerability : CVE-2020-19726
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in binutils libbfd.c 2.36 relating to the auxiliary symbol data allows attackers to read or write to system memory or cause a denial of...
Linux Distros Unpatched Vulnerability : CVE-2021-26222
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ezxmlnew function in ezXML 0.8.6 and earlier is vulnerable to OOB write when opening XML file after exhausting the memory pool. CVE-2021-26222 Note that...
Linux Distros Unpatched Vulnerability : CVE-2017-11406
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the DOCSIS dissector could go into an infinite loop. This was addressed in plugins/docsis/packet-docsis.c by...